Port 55555

[J0hn]

What "Servers or services" run on port 55555? If anyone know, please let me know asap, thank you.

[KenJackson]

I googled "port 55555" and got 52,000 hits.

[J0hn]

52,000 hits meaning 52,000 exploits on port 55555? I've googled everywhere and I always get something bad from port 55555.

I've heard that port 55555 is an open door for intruders and hackers. I did a netstat -tulp and port 55555 is "Listen" there's no foreign address to it.

Some people say that it's a client port but I don't know. All I know is I have to disable the service that is running on that particular port. The thing is I don't know what's running on that port.

Again if anyone know let me know.

[KenJackson]

Any TCP/IP connection you make uses two ports. You use the "well-known" port number to initiate the connection with the server and a fairly randomly selected port for the return path. Port 55555 could legitimately be used occasionally for that purpose.

There have indeed been viruses and trojans that have used it. I don't know what's current.

You can run "netstat -a | grep 55555" to see if your computer has a server listening to that port.

Here is an interesting graph of port 55555 use (abuse?) from the internet storm center.

[/bin/bash]

I also knew a program that listening on port 55555, it should be metasploits web based...check it with ur browser http://localhost:55555

if metasploit appear, then ur server used to be a zombie...

[Danidan]

Hi,
Even better is to run netstat with the -p parameter to discover what program is listening on a given port.
The command:
netstat -p -a | grep 55555
gives the following output:
tcp 0 0 my.host.name:55555 *:* LISTEN 5216/avgscan

So it seems AVG for linux is running on my port 55555 which would be normal as I run this antivirus indeed. This is confirmed by googling "port 55555 avg for linux"
(e. g., www.avgbrasil.com.br/br/manuais/avg_linux_wks_usermanual_pt-br_70_3.pdf).
Well, if you have AVG installed, it's just the AvgDaemon.
On the contrary...


======== http://www.netpoliglota.com ======
"La faiblesse est pire pour la vertu que le vice"
======== http://www.netpoliglota.com ======

[tanyear]

Hi,
Even better is to run netstat with the -p parameter to discover what program is listening on a given port.
The command:
netstat -p -a | grep 55555
gives the following output:
tcp 0 0 my.host.name:55555 *:* LISTEN 5216/avgscan

So it seems AVG for linux is running on my port 55555 which would be normal as I run this antivirus indeed. This is confirmed by googling "port 55555 avg for linux"
(e. g., http://www.avgbrasil.com.br/br/manua...t-br_70_3.pdf).
Well, if you have AVG installed, it's just the AvgDaemon.
On the contrary...


======== http://www.netpoliglota.com ======
"La faiblesse est pire pour la vertu que le vice"
======== http://www.netpoliglota.com ======

you got it.
Another way, using the lsof can help you a lot
#lsof |grep 55555
but lsof is not the default package in many linux distributions.